Rechercher
SupportConsoleDéveloppeursCommencer un essaiContact

Ce contenu n'est pas disponible dans la langue sélectionnée.

Chapter 2. Using two-factor authentication

download PDF

Using two-factor authentication consists of the following activities.

Note

Google Authenticator and FreeOTP Authenticator are the only supported token generators for providing two-factor authentication one-time codes. Hardware tokens, SMS (text-message) tokens, and other apps are not supported. You can install these apps on your smartphone or other compatible Android or iOS device.

While you update your signing in options, you might be asked to log in again. This is a normal action and is provided to increase account security.

2.1. Configuring organization-wide authentication factors

The Organization Administrator can enable two-factor authentication for all users in their organization. When enabled, two-factor authentication must be used in addition to a password for a user to log in to their Red Hat user account.

After two-factor authentication is enabled for all users, users are prompted to set up their authentication app before they can proceed. When they complete the two-factor authentication set up, they must use the one-time code from their authenticator app each time they log in.

Note

When a user optionally chooses to enable two-factor authentication for their user account through their Signing in settings, the two-factor authentication remains enabled for their account regardless of the organizational two-factor authentication settings.

Prerequisites

  • Only a user with Organization Administrator permissions can enable organization-wide two-factor authentication.

Procedure

  1. Log in to Red Hat Hybrid Cloud Console as a user who has Organization Administrator permission.
  2. From the home page after you log in, click ⚙ (Settings).
  3. Click Authentication Policy.
  4. When the Authentication Policy window appears,click Authentication Factors.
  5. On the Authentication factors page, check Enable two-factor authentication for your organization.
  6. Click Save.

Two-factor authentication is now required for all users in your organization.

2.2. Verifying your account information

You might be asked to verify your account information before you can continue to enable two-factor authentication. Red Hat verifies that your account has a confirmed email address and a phone number associated with it before you can enable two-factor authentication. The phone number is required and must be able to receive phone calls directly to you if you need to recover your account.

2.2.1. Confirming your email information

Confirm your current email address when you receive a confirmation request while logging in to a Red Hat portal. If your email is not yet confirmed, an alert message appears: "Your email address has not been confirmed."

Prerequisites

  • A registered Red Hat user account.
  • An email address where you can receive a confirmation notice.

Procedure

Follow these steps if you receive an email confirmation request notice when you log in to a Red Hat portal.

  1. Log in to your Red Hat user account.
  2. When a confirmation alert message appears, click Resend confirmation email if you have not yet received a confirmation email.
  3. Check your email for an email confirmation message from no-reply@redhat.com.
  4. Follow the instructions in the email for confirming your email address.
  5. When you complete the instructions, a confirmation window appears.

2.2.2. Verifying your phone information

If your account does not have a phone number, you might see a verification notice that asks you to provide a phone number.

Note

The phone number is required and must be able to receive phone calls directly to you if you need to recover your account.

Prerequisites

  • A registered Red Hat user account.
  • A telephone number where you can receive direct voice calls.

Procedure

Follow these steps if you receive a phone number verification notice when you log in to a Red Hat portal.

  1. Log in to your Red Hat user account.
  2. Enter your contact phone number, including any country code, in the verification window.
  3. Click Submit.

2.3. Enabling two-factor authentication for a Red Hat user account

The Organization Administrator for your account can enable organization-wide two-factor authentication, which requires everyone in the organization to use two-factor authentication when they sign in.

Note

If your company policy requires two-factor authentication to access your Red Hat account and you have not yet enabled two-factor authentication, you will see the instructions to enable two-factor authentication immediately after you log in.

If organization-wide two-factor authentication is not required, you can enable, or turn on, two-factor authentication for your Red Hat user account. After you enable two-factor authentication you will use a one-time code in addition to your Red Hat login and password to log in to your Red Hat account. The one-time code is generated by an authenticator app that you install on your smartphone or other supported device.

Prerequisites

  • A registered Red Hat user account.
  • A smartphone or other device with the Google Authenticator app or the FreeOTP app installed.

Procedure

The following steps assume that you have installed a supported authenticator app.

  1. Log in to your Red Hat user account on any Red Hat site, such as Red Hat Customer Portal.

  2. Click your user avatar in the upper right corner of the panel.

    1. Click Account details. A page opens where you can edit your account information.

    2. If you log in through Red Hat Hybrid Cloud Console, click My profile under your user avatar to edit your account information.

      img RH login icon hilite scaled

      A page opens where you can review your account information.

      Note

      Depending on which login portal you use, a different icon may appear.

  3. Click Login & password.
  4. On the Login & password page click Manage two-factor authentication. The Signing in page opens.
  5. On the Signing in page, click Set up authenticator application. You must log in again to verify your account before the Enable two-factor authentication page appears.

  6. Open the authenticator app on your smart phone and select the option to add a token. You can use one of these methods to add a token for the Red Hat two-factor authentication.

    1. Use the authenticator app to scan the QR code that opens on the two-factor authentication page.
    2. Alternatively, you can click Unable to scan? Enter the key instead which displays a 32-character key string that you must enter into your authenticator app.
  7. After you scan the QR code (or enter the key string), the authenticator app creates an initial one-time 6-digit code. Enter this code into the One-time code field.

  8. You can enter an optional name in the Device name field. This name can remind you which of your mobile devices has the authenticator app for this login.

    • Click Enable to complete setting up two-factor authentication.

Verification

The signing in page shows when the authenticator app was set up and any optional name you gave to the app.

img RH 2FA enable complete

2.4. Logging in with two-factor authentication

Use a one-time code provided by your authenticator app to log in to your Red Hat user account on any Red Hat site, such as Red Hat Customer Portal. The authenticator app refreshes the one-time code every 30 seconds. Because of the timing, you might need to enter a refreshed code if the initial code does not work.

Prerequisites

Procedure

  1. Open the authenticator app.
  2. Use your browser to navigate to a Red Hat site, such as Red Hat Customer Portal.
  3. Enter your email or your Red Hat login.
  4. Enter your Red Hat password. A page opens to verify two-factor authentication.
  5. Enter the 6-digit one-time code from your authenticator app into the One-time code box and click Log in.
    Your Red Hat account greeting page opens.

Verification

If the 6-digit one-time code is not accepted, you will remain on the verification page. You can try the following actions.

  1. Wait a few seconds and enter a new code from your authenticator app.
  2. If you have more than one token enabled in your authenticator app, make sure you are using the token for your Red Hat account. For example, you might have two-factor authentication tokens for a Google account, a banking account, and a Red Hat account.
  3. If you cannot successfully log in to your Red Hat with two-factor authentication enabled, contact Red Hat Customer Service for assistance in resetting your account.

2.5. Removing two-factor authentication (2FA) for a Red Hat user account

You can remove the two-factor authentication for your Red Hat user account. If the Organization Administrator has set a policy that requires user accounts to enable two-factor authentication, the next time you log in after removing two-factor authentication you must reenable two-factor authentication for your user login.

Each time you reenable two-factor authentication for your user login, you add a new token to your authenticator app. It is up to you to manage the disabled tokens on your smartphone.

See Chapter 4, Revoking two-factor authentication when your authenticator device is lost if you have lost your authenticator device and need Red Hat Customer Service to revoke your two-factor authentication.

Prerequisites

  • A registered Red Hat user account.
  • A smartphone or other device with the Google Authenticator app or the FreeOTP app installed.
  • A Red Hat user account with two-factor authentication enabled.

Procedure

  1. Log in to your Red Hat user account using two-factor authentication.
    Section 2.4, “Logging in with two-factor authentication”

  2. Click your user avatar in the upper right corner of the page.

    1. Click Account details. A page opens where you can edit your account information.
    2. If you log in through Red Hat Hybrid Cloud Console, click My profile under your user avatar to edit your account information.

    img RH login icon hilite scaled

    + A page opens where you can review your account information.

    Note

    Depending on which login portal you use, a different icon may appear.

  3. Click Login & password.
  4. On the Login & password page click Manage 2-factor authentication. The Signing in page opens.

  5. Click Delete to remove two-factor authentication for your user login.

    Note

    The Delete button disables, or turns off two-factor authentication for your user login. If you reenable two-factor authentication, you will repeat the enable authentication steps, which adds a new token to your authenticator app. The token associated with the disabled authenticator will no longer work.

  6. For verification you must log in again with two-factor authentication. A page appears where you click CONFIRM DELETION to remove two-factor authentication from your user account. After you confirm deletion, you return to the Signing in page.
Red Hat logoGithubRedditYoutubeTwitter

Apprendre

Essayez, achetez et vendez

Communautés

À propos de la documentation Red Hat

Nous aidons les utilisateurs de Red Hat à innover et à atteindre leurs objectifs grâce à nos produits et services avec un contenu auquel ils peuvent faire confiance.

Rendre l’open source plus inclusif

Red Hat s'engage à remplacer le langage problématique dans notre code, notre documentation et nos propriétés Web. Pour plus de détails, consultez leBlog Red Hat.

À propos de Red Hat

Nous proposons des solutions renforcées qui facilitent le travail des entreprises sur plusieurs plates-formes et environnements, du centre de données central à la périphérie du réseau.

© 2024 Red Hat, Inc.